For portable applications, use only the assignment = operator, the equality operators == and !=, and the unary & operator on plain-character-typed or plain-wide-character-typed expressions.unmigrated-wiki-markup
This is practice is recommended because the C99 standard requires only the digit characters ('0' - '9') to have consecutive numerical values \[[C99 |http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1124.pdf]\]. Thus, operations that rely on expected values for plain character or plain wide character-typed expressions can lead to unexpected behavior.the C Standard requires only the digit characters (0–9) to have consecutive numerical values. Consequently, operations that rely on expected values for plain-character- or plain-wide-character-typed expressions can lead to unexpected behavior.
However, because of However, due to the requirement for digit characters, the usage of other operators is allowed can be used for them according to the following restrictions:
- The binary
+operator may be used to add integer values
...
- 0
...
- through 9 to
'0'. - The binary
-operator may be used to subtract character
...
- 0
...
- .
- Relational operators
<,<=,>, and>=
...
- can be used to check whether a character or wide character is a digit.
Character types should be chosen and used in accordance with STR04-C. Use plain char for characters in the basic character set.
Noncompliant Code Example
This noncompliant code example
...
The following example would seem to check attempts to determine if the value of a character variable is between 'a' and 'c' inclusive. However, since it is not required by the C99 standard that because the C Standard does not require the letter characters to be in consecutive nor in alphabetical or alphabetic order, the check might not work as expected.
| Code Block | ||||
|---|---|---|---|---|
| ||||
char ch = 'b'; if ( ( ch >= 'a' ) && (ch <= 'c')) ){ /* ... */ } |
Compliant
...
Solution
In this example, the specific check is enforced using compliant operations on character expressions.:
| Code Block | ||||
|---|---|---|---|---|
| ||||
char ch = 't'; if ( ( ch == 'a' ) || ( ch == 'b') || ( ch == 'c')) ){ /* ... */ } |
Exceptions
It is ok to assume consecutive value STR09-C-EX1: Consecutive values for characters like a~z in most platform, can be assumed on platforms where ASCII or Unicode is used. This rule is to raise awareness of recommendation is primarily concerned with platform portability if you migrate the code , for example, if code is migrated from ASCII system systems to a non-ASII systemASCII systems.
Risk
...
Assessment
Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
STR09-C |
Low |
Unlikely |
Low | P3 | L3 |
Other Languages
| Wiki Markup |
|---|
This rule appears in the C++ Secure Coding Standard as \[[cplusplus:STR07-CPP. Don't assume numeric values for expressions with type plain character]\]. |
References
Automated Detection
Tool | Version | Checker | Description | ||||||
| Astrée |
| Supported indirectly via MISRA C:2012 rule 10.1. | |||||||
| Axivion Bauhaus Suite |
| CertC-STR09 | |||||||
| Helix QAC |
| C2106, C2107 | |||||||
| LDRA tool suite |
| 329 S | Fully implemented | ||||||
| Parasoft C/C++test |
| CERT_C-STR09-a | Expressions with type (plain) char and wchar_t shall not be used as operands to built-in operators other than =, ==, != and the unary & operator | ||||||
| PC-lint Plus |
| 9209 | Fully supported | ||||||
| RuleChecker |
| Supported indirectly via MISRA C:2012 rule 10.1. |
Related Guidelines
| SEI CERT C++ Coding Standard | VOID STR07-CPP. Don't assume numeric values for expressions with type plain character |
Bibliography
| [Jones 2009] | Section 5.2.1, "Character Sets" |
...
Wiki Markup